CLAIMS

What is Claimed:

1. In a network including a plurality of network devices operated by a plurality
of users, a real-time information exchange system for sharing user profile information
between respective users of the network devices, comprising:

a database management system connected to the network and storing the
user profile information for a plurality of registered users of the information exchange
system, the user profile information including a plurality of data elements, each data
element having an associated one of the plurality of registered users;

wherein each data element has an associated subset of users to whom
access to the data element has been granted; and

wherein users not included in the associated subset of users are denied
access to the data element.

2. The information exchange system of Claim 1 further including:

a profile management application executing on the information exchange
system, the profile management application providing each respective user with
facilities to selectively control the granting and denying of access to each of its
associated data elements by other respective users.

3. The information exchange system of Claim 2 wherein the user profile
information includes a set of pre-defined data fields, and wherein the profile
management application is adapted to dynamically create new data fields for storing a
new data element, upon the request of a registered user.

4. The information exchange system of Claim 3 wherein the database
management system includes a plurality of databases distributed across the network.

5. The information exchange system of Claim 4 further comprising:
an affiliate system, including:

an affiliate database management system connected to the network
through a physical firewall, and adapted to store the user profile information for a
plurality of registered users of the information exchange system, the user profile
information including a plurality of data elements; and

a plurality of affiliate network devices connected to the affiliate
database management system through a local network.

6. The information exchange system of Claim 5 wherein the data elements
stored in the affiliate database management system are categorized as one of private
information and public information; and

wherein a software firewall executing on the affiliate database
management system prevents data elements categorized as private information from
being accessed from network devices connected to the affiliate database management
system through the physical firewall.

7. The information exchange system of Claim 6 wherein the software firewall
does not prevent data elements categorized as private information from being accessed
by an affiliate network device.

8. The information exchange system of Claim 4 wherein the profile
management application provides each respective user with facilities to selectively push
individual data elements to respective users.

9. The information exchange system of Claim 4 wherein at least one network
device includes intelligent synchronization software executing thereon, the intelligent
synchronization software operating to detect network connectivity and selectively
download updated user profile information.

10. The information exchange system of Claim 9 wherein the profile
management application further provides each respective registered user with facilities
to define views of user profile information, each view including at least one data element
associated with the registered user; and

wherein the profile management application further provides each
respective registered user with facilities to selectively grant and deny other respective
users access to each respective view.

11. The information exchange system of Claim 10 wherein the profile
management application further provides each respective registered user with facilities
to define user groups, each user group including at least one user; and

wherein the profile management application further provides each
respective registered user with facilities to selectively grant and deny the members of
each data group access to each respective view.

12. The information exchange system of Claim 11 wherein each stored data
element is encrypted with a secret key.

13. The information exchange system of Claim 12 wherein each registered
user has an associated public key/private key pair, each key being selected for use in a
public key cryptography system.

14. The information exchange system of Claim 13 wherein, for each user that
has been granted access to respective data element, a copy of the secret key
associated with the data element is encrypted using the user's public key, and the
encrypted secret key is stored by the database management system.

15. The information exchange system of Claim 14 further comprising:

a key management system connected to the database management
system, the key management system, in response to requests from the database
management system, generates encryption and decryption keys.

16. In a network including a plurality of network devices operated by a plurality
of users, a real-time information exchange system for sharing user profile information 
between respective users of the network devices, comprising: 

a first database management system storing a first subset of the user 
profile data for a plurality of registered users of the information exchange system, the 
first subset of profile information including a plurality of data elements, each data 
element having an associated one of the plurality of registered users; and 

a first network server connected to the network and the first database 
management system, the first network server including: 
a first processor; and 

a first program memory connected to the first processor and having 
program instructions stored therein, the first processor being operable to execute the 
program instructions, the program instructions including: 

for each registered user, selectively granting and denying 
access to each of the registered user's associated data elements, to other users in the 
network. 

17. The information exchange system of Claim 16 further comprising:

a second database management system storing a second subset of the 
user profile data for a plurality of registered users of the information exchange system, 
the second subset of profile information including a plurality of data elements, each data 
element having an associated one of the plurality of registered users; and 

a second network server connected to the network and the second 
database management system, the second network server including: 

a second processor; and 

a second program memory connected to the second processor and 
having program instructions stored therein, the second processor being operable to 
execute the program instructions, the program instructions including:

for each registered user, selectively granting and denying
access to each of the registered user's associated data elements, to other users in the
network;

wherein the profile data for at least one registered user is distributed
across the first and second database management systems.

18. In a network including a plurality of network devices operated by a plurality
of users, a method for storing member profile information that provides for selective
real-time information exchange of the member profile information between network
devices comprising the steps of:

receiving profile information for a member, the member having a member 
identification number and an associated public key/private key pair; 

generating a secret key for each granular data element of the received 
profile information; 

encrypting each granular data element using its associated secret key; 

storing each encrypted granular data element in a first database; 

encrypting each secret key with the member's public key; and 

storing each encrypted secret key in a second database, along with the 
member's identification number. 
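
The per-element key wrapping of Claims 12 to 14 and the storage steps of Claim 18, sketched as an added example that is not part of the patent text. AES-256-GCM and RSA-OAEP are assumed algorithm choices (the claims name none), in-memory Maps stand in for the two databases, and every function and member name is hypothetical.

```javascript
const nodeCrypto = require('node:crypto');

// Assumption: two in-memory Maps stand in for the first and second database of Claim 18.
const elementDb = new Map(); // elementId -> { iv, ct, tag } (encrypted data element)
const keyDb = new Map();     // "elementId/memberId" -> secret key wrapped for that member

const oaep = (key) => ({
  key, padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256',
});
const newMember = () => nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Claim 18: fresh secret key per data element, encrypt the element, wrap the key for its owner.
function store(elementId, ownerId, ownerPub, plaintext) {
  const key = nodeCrypto.randomBytes(32), iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  c.setAAD(Buffer.from(elementId)); // bind the ciphertext to its element id
  const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  elementDb.set(elementId, { iv, ct, tag: c.getAuthTag() });
  keyDb.set(`${elementId}/${ownerId}`, nodeCrypto.publicEncrypt(oaep(ownerPub), key));
}

// Fails closed: a member with no wrapped copy of the key has no access (Claim 1).
function unwrap(elementId, memberId, privateKey) {
  const wrapped = keyDb.get(`${elementId}/${memberId}`);
  if (!wrapped) throw new Error(`access denied: no wrapped key for ${memberId}`);
  return nodeCrypto.privateDecrypt(oaep(privateKey), wrapped);
}

// Claim 14: granting access stores a copy of the secret key under the grantee's public key.
function grant(elementId, ownerId, ownerPriv, granteeId, granteePub) {
  const key = unwrap(elementId, ownerId, ownerPriv);
  keyDb.set(`${elementId}/${granteeId}`, nodeCrypto.publicEncrypt(oaep(granteePub), key));
}

// Revocation here only deletes the wrapped copy; a grantee who kept the key can still decrypt
// the old ciphertext, so a real system would re-encrypt the element under a new key.
function revoke(elementId, memberId) {
  return keyDb.delete(`${elementId}/${memberId}`);
}

function read(elementId, memberId, privateKey) {
  const key = unwrap(elementId, memberId, privateKey);
  const { iv, ct, tag } = elementDb.get(elementId);
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, iv);
  d.setAAD(Buffer.from(elementId));
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]).toString('utf8');
}
```

Access control in this design is enforced by which wrapped keys exist, so the store holding wrapped keys is as sensitive as the access-control list itself.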






